<!DOCTYPE HTML>

<html lang="en">
<head>

<title>RunAsManager (spring-security-docs 5.6.3 API)</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style">
<link rel="stylesheet" type="text/css" href="../../../../../jquery/jquery-ui.css" title="Style">
<script type="text/javascript" src="../../../../../script.js"></script>
<script type="text/javascript" src="../../../../../jquery/jszip/dist/jszip.min.js"></script>
<script type="text/javascript" src="../../../../../jquery/jszip-utils/dist/jszip-utils.min.js"></script>
<!--[if IE]>
<script type="text/javascript" src="../../../../../jquery/jszip-utils/dist/jszip-utils-ie.min.js"></script>
<![endif]-->
<script type="text/javascript" src="../../../../../jquery/jquery-3.5.1.js"></script>
<script type="text/javascript" src="../../../../../jquery/jquery-ui.js"></script>
</head>
<body>
<script type="text/javascript"><!--
    try {
        if (location.href.indexOf('is-external=true') == -1) {
            parent.document.title="RunAsManager (spring-security-docs 5.6.3 API)";
        }
    }
    catch(err) {
    }
//-->
var data = {"i0":6,"i1":6,"i2":6};
var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],4:["t3","Abstract Methods"]};
var altColor = "altColor";
var rowColor = "rowColor";
var tableTab = "tableTab";
var activeTableTab = "activeTableTab";
var pathtoroot = "../../../../../";
var useModuleDirectories = true;
loadScripts(document, 'script');</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<header role="banner">
<nav role="navigation">
<div class="fixedNav">

<div class="topNav"><a id="navbar.top">

</a>
<div class="skipNav"><a href="RunAsManager.html#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.top.firstrow">

</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<ul class="navListSearch">
<li><label for="search">SEARCH:</label>
<input type="text" id="search" value="search" disabled="disabled">
<input type="reset" id="reset" value="reset" disabled="disabled">
</li>
</ul>
<div>
<script type="text/javascript"><!--
  allClassesLink = document.getElementById("allclasses_navbar_top");
  if(window==top) {
    allClassesLink.style.display = "block";
  }
  else {
    allClassesLink.style.display = "none";
  }
  //-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="RunAsManager.html#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="RunAsManager.html#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.top">

</a></div>

</div>
<div class="navPadding">&nbsp;</div>
<script type="text/javascript"><!--
$('.navPadding').css('padding-top', $('.fixedNav').css("height"));
//-->
</script>
</nav>
</header>

<main role="main">
<div class="header">
<div class="subTitle"><span class="packageLabelInType">Package</span>&nbsp;<a href="package-summary.html">org.springframework.security.access.intercept</a></div>
<h2 title="Interface RunAsManager" class="title">Interface RunAsManager</h2>
</div>
<div class="contentContainer">
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>All Known Implementing Classes:</dt>
<dd><code><a href="RunAsManagerImpl.html" title="class in org.springframework.security.access.intercept">RunAsManagerImpl</a></code></dd>
</dl>
<hr>
<pre>public interface <span class="typeNameLabel">RunAsManager</span></pre>
<div class="block">Creates a new temporary <a href="../../core/Authentication.html" title="interface in org.springframework.security.core"><code>Authentication</code></a> object for the current secure object
invocation only.
<p>
This interface permits implementations to replace the <code>Authentication</code>
object that applies to the current secure object invocation only. The
<a href="AbstractSecurityInterceptor.html" title="class in org.springframework.security.access.intercept"><code>AbstractSecurityInterceptor</code></a> will
replace the <code>Authentication</code> object held in the
<a href="../../core/context/SecurityContext.html" title="interface in org.springframework.security.core.context"><code>SecurityContext</code></a> for
the duration of the secure object callback only, returning it to the original
<code>Authentication</code> object when the callback ends.
</p>
<p>
This is provided so that systems with two layers of objects can be established. One
layer is public facing and has normal secure methods with the granted authorities
expected to be held by external callers. The other layer is private, and is only
expected to be called by objects within the public facing layer. The objects in this
private layer still need security (otherwise they would be public methods) and they
also need security in such a manner that prevents them being called directly by
external callers. The objects in the private layer would be configured to require
granted authorities never granted to external callers. The <code>RunAsManager</code>
interface provides a mechanism to elevate security in this manner.
</p>
<p>
It is expected implementations will provide a corresponding concrete
<code>Authentication</code> and <code>AuthenticationProvider</code> so that the
replacement <code>Authentication</code> object can be authenticated. Some form of
security will need to be implemented to ensure the <code>AuthenticationProvider</code>
only accepts <code>Authentication</code> objects created by an authorized concrete
implementation of <code>RunAsManager</code>.
</p></div>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.summary">

</a>
<h3>Method Summary</h3>
<table class="memberSummary">
<caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd">&nbsp;</span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t3" class="tableTab"><span><a href="javascript:show(4);">Abstract Methods</a></span><span class="tabEnd">&nbsp;</span></span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Method</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr id="i0" class="altColor">
<td class="colFirst"><code><a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="RunAsManager.html#buildRunAs(org.springframework.security.core.Authentication,java.lang.Object,java.util.Collection)">buildRunAs</a></span>&#8203;(<a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a>&nbsp;authentication,
java.lang.Object&nbsp;object,
java.util.Collection&lt;<a href="../ConfigAttribute.html" title="interface in org.springframework.security.access">ConfigAttribute</a>&gt;&nbsp;attributes)</code></th>
<td class="colLast">
<div class="block">Returns a replacement <code>Authentication</code> object for the current secure
object invocation, or <code>null</code> if replacement not required.</div>
</td>
</tr>
<tr id="i1" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="RunAsManager.html#supports(java.lang.Class)">supports</a></span>&#8203;(java.lang.Class&lt;?&gt;&nbsp;clazz)</code></th>
<td class="colLast">
<div class="block">Indicates whether the <code>RunAsManager</code> implementation is able to provide
run-as replacement for the indicated secure object type.</div>
</td>
</tr>
<tr id="i2" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="RunAsManager.html#supports(org.springframework.security.access.ConfigAttribute)">supports</a></span>&#8203;(<a href="../ConfigAttribute.html" title="interface in org.springframework.security.access">ConfigAttribute</a>&nbsp;attribute)</code></th>
<td class="colLast">
<div class="block">Indicates whether this <code>RunAsManager</code> is able to process the passed
<code>ConfigAttribute</code>.</div>
</td>
</tr>
</table>
</li>
</ul>
</section>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.detail">

</a>
<h3>Method Detail</h3>
<a id="buildRunAs(org.springframework.security.core.Authentication,java.lang.Object,java.util.Collection)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>buildRunAs</h4>
<pre class="methodSignature"><a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a>&nbsp;buildRunAs&#8203;(<a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a>&nbsp;authentication,
                          java.lang.Object&nbsp;object,
                          java.util.Collection&lt;<a href="../ConfigAttribute.html" title="interface in org.springframework.security.access">ConfigAttribute</a>&gt;&nbsp;attributes)</pre>
<div class="block">Returns a replacement <code>Authentication</code> object for the current secure
object invocation, or <code>null</code> if replacement not required.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>authentication</code> - the caller invoking the secure object</dd>
<dd><code>object</code> - the secured object being called</dd>
<dd><code>attributes</code> - the configuration attributes associated with the secure object
being invoked</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>a replacement object to be used for duration of the secure object
invocation, or <code>null</code> if the <code>Authentication</code> should be left
as is</dd>
</dl>
</li>
</ul>
<a id="supports(org.springframework.security.access.ConfigAttribute)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>supports</h4>
<pre class="methodSignature">boolean&nbsp;supports&#8203;(<a href="../ConfigAttribute.html" title="interface in org.springframework.security.access">ConfigAttribute</a>&nbsp;attribute)</pre>
<div class="block">Indicates whether this <code>RunAsManager</code> is able to process the passed
<code>ConfigAttribute</code>.
<p>
This allows the <code>AbstractSecurityInterceptor</code> to check every
configuration attribute can be consumed by the configured
<code>AccessDecisionManager</code> and/or <code>RunAsManager</code> and/or
<code>AfterInvocationManager</code>.
</p></div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>attribute</code> - a configuration attribute that has been configured against the
<code>AbstractSecurityInterceptor</code></dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd><code>true</code> if this <code>RunAsManager</code> can support the passed
configuration attribute</dd>
</dl>
</li>
</ul>
<a id="supports(java.lang.Class)">

</a>
<ul class="blockListLast">
<li class="blockList">
<h4>supports</h4>
<pre class="methodSignature">boolean&nbsp;supports&#8203;(java.lang.Class&lt;?&gt;&nbsp;clazz)</pre>
<div class="block">Indicates whether the <code>RunAsManager</code> implementation is able to provide
run-as replacement for the indicated secure object type.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>clazz</code> - the class that is being queried</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>true if the implementation can process the indicated class</dd>
</dl>
</li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
</div>
</main>

<footer role="contentinfo">
<nav role="navigation">

<div class="bottomNav"><a id="navbar.bottom">

</a>
<div class="skipNav"><a href="RunAsManager.html#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.bottom.firstrow">

</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
  allClassesLink = document.getElementById("allclasses_navbar_bottom");
  if(window==top) {
    allClassesLink.style.display = "block";
  }
  else {
    allClassesLink.style.display = "none";
  }
  //-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="RunAsManager.html#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="RunAsManager.html#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.bottom">

</a></div>

</nav>
</footer>
<script>if (window.parent == window) {(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)})(window,document,'script','//www.google-analytics.com/analytics.js','ga');ga('create', 'UA-2728886-23', 'auto', {'siteSpeedSampleRate': 100});ga('send', 'pageview');}</script><script defer src="https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194" integrity="sha512-Gi7xpJR8tSkrpF7aordPZQlW2DLtzUlZcumS8dMQjwDHEnw9I7ZLyiOj/6tZStRBGtGgN6ceN6cMH8z7etPGlw==" data-cf-beacon='{"rayId":"7040eb451e8197cf","token":"bffcb8a918ae4755926f76178bfbd26b","version":"2021.12.0","si":100}' crossorigin="anonymous"></script>
</body>
</html>
